package io.gitee.zhangbinhub.admin.resource.server.base

import io.gitee.zhangbinhub.acp.boot.log.LogAdapter
import io.gitee.zhangbinhub.admin.common.base.BaseController
import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication

/**
 * @author zhang by 15/01/2019
 * @since JDK 11
 */
abstract class BaseResourceServerController(private val logAdapter: LogAdapter) : BaseController() {
    /**
     * 校验当前token是否具有指定的所有权限
     * @param bearerTokenAuthentication 用户token授权信息
     * @param authenticationList 待校验权限列表，权限列表为空则返回false
     */
    protected fun hasAuthentication(
        bearerTokenAuthentication: BearerTokenAuthentication,
        authenticationList: MutableList<String>
    ): Boolean = authenticationList.let {
        if (it.isNotEmpty()) {
            it.forEach { authentication ->
                if (bearerTokenAuthentication.authorities.none { item -> item.authority == authentication }) {
                    logAdapter.warn("当前用户【${bearerTokenAuthentication.name}】没有权限【$authentication】")
                    return@let false
                }
            }
            true
        } else {
            logAdapter.warn("当前用户【${bearerTokenAuthentication.name}】权限列表为空")
            false
        }
    }

}